Exchange Online Mail flow Alert policies

Hi All,

Maybe you have noticed the new Mail flow Alert policies in Exchange Admin Center.
You can define new Alert policies, define the Severity, the Insight, the recipient, the Notification Limit and sometimes also the Threshold for the Alert.

For me it's a little bit odd to send an Email in case something does not work well with the Mailflow.
It could be that you get the Email very late or even when the issue is already resolved. As far as i know there is still no dedicated API to get to Informations like these... Let me know if i am wrong.

Alert policies in Exchange Online

This is the direct Link for Exchange Admin Center

I've clicked on the Existing Alert Policy


You have some general Settings


And the Settings itself


Let's create a new Alert Policy









You can also see these Alertpolicies in Microsoft Purview


To view the Alerts you need the ExchangeOnlineManagement Module and the following commands

Connect-IPPSSession
Get-ProtectionAlert | where {$_.Category -eq "MailFlow"}



I've created every combination:
Severity: High / Medium / Low
Insight: Mail loop / Slow transport rule / New users forwarding / New domains beeing forwarded / Cert expiry


These seem to be the Filters. Now you can go ahead and create the Alerts via PowerShell

New-ProtectionAlert

Insight Type Filter
Mail Loop Insights.InsightType -eq '1602'
Slow Transport Rule Insights.InsightType -eq '1604'
New users forwarding Insights.InsightType -eq '1606'
New fomains beeing forwarded Insights.InsightType -eq '1607'
Cert expiry Insights.InsightType -eq '1610'

Regards
Andres Bohren